History log of /openssl/test/hpke_test.c (Results 1 – 12 of 12)
Revision Date Author Comments
# 7ed6de99 05-Sep-2024 Tomas Mraz

Copyright year updates


Reviewed-by: Neil Horman <nhorman@openssl.org>
Release: yes


# f83707dc 13-Sep-2023 Dimitri Papadopoulos <3234522+DimitriPapadopoulos@users.noreply.github.com>

open brace '{' following struct go on the same line

Found by running the checkpatch.pl Linux script to enforce coding style.

Reviewed-by: Neil Horman <nhorman@openssl.org>
Revie

open brace '{' following struct go on the same line

Found by running the checkpatch.pl Linux script to enforce coding style.

Reviewed-by: Neil Horman <nhorman@openssl.org>
Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22097)

show more ...


# a1c03068 16-Oct-2023 Stephen Farrell

Add additional internal HPKE hardening checks resulting from code audit.

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://g

Add additional internal HPKE hardening checks resulting from code audit.

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22493)

show more ...


# da1c088f 07-Sep-2023 Matt Caswell

Copyright year updates


Reviewed-by: Richard Levitte <levitte@openssl.org>
Release: yes


# 4032cd9a 17-Apr-2023 Yi Li

configure: introduce no-ecx to remove ECX related feature

This can effectively reduce the binary size for platforms
that don't need ECX feature(~100KB).

Signed-off-by: Yi Li <yi

configure: introduce no-ecx to remove ECX related feature

This can effectively reduce the binary size for platforms
that don't need ECX feature(~100KB).

Signed-off-by: Yi Li <yi1.li@intel.com>

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20781)

show more ...


# 8b7b9aac 23-Mar-2023 slontis

Fix a HPKE API to put libctx, propq as last (optional parameters).

This keeps the interface consistent with other HPKE API's.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewe

Fix a HPKE API to put libctx, propq as last (optional parameters).

This keeps the interface consistent with other HPKE API's.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20583)

show more ...


# 4a6e5a11 16-Jan-2023 FdaSilvaYY

Fix windows builds

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://gith

Fix windows builds

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20109)

show more ...


# cae72eef 07-Dec-2022 Stephen Farrell

prevent HPKE sender setting seq unwisely

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/opens

prevent HPKE sender setting seq unwisely

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19840)

show more ...


# 36b4d7a6 29-Nov-2022 Tomas Mraz

hpke: fix tests with disabled chacha20 or poly1305

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/op

hpke: fix tests with disabled chacha20 or poly1305

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/19784)

show more ...


# d9ed3068 29-Nov-2022 Tomas Mraz

Refactoring some operations to avoid repeated calls

Fetch the EVP_CIPHER for aead in OSSL_HPKE_CTX_new()
to avoid re-fetching on each aead operation.

Save kem/kdf/aead_info in O

Refactoring some operations to avoid repeated calls

Fetch the EVP_CIPHER for aead in OSSL_HPKE_CTX_new()
to avoid re-fetching on each aead operation.

Save kem/kdf/aead_info in OSSL_HPKE_CTX.

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/19784)

show more ...


# 450f96e9 27-Nov-2022 slontis

Fix Coverity issues in HPKE

CID 1517043 and 1517038: (Forward NULL) - Removed redundant check that is already
done by the caller. It was complaining that it checked for ctlen == NULL

Fix Coverity issues in HPKE

CID 1517043 and 1517038: (Forward NULL) - Removed redundant check that is already
done by the caller. It was complaining that it checked for ctlen == NULL
and then did a goto that used this *ctlen.

CID 1517042 and 1517041: (Forward NULL) - Similar to above for ptlen in
hpke_aead_dec()

CID 1517040: Remove unneeded logging. This gets rid of the warning
related to taking the sizeof(&)

CID 1517039: Check returned value of RAND_bytes_ex() in hpke_test

CID 1517038: Check return result of KEM_INFO_find() in
OSSL_HPKE_get_recomended_ikmelen. Even though this is a false positive,
it should not rely on the internals of other function calls.

Changed some goto's into returns to match OpenSSL coding guidelines.
Removed Raises from calls to _new which fail from malloc calls.

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19774)

show more ...


# ad062480 22-Nov-2022 Stephen Farrell

Implements Hybrid Public Key Encryption (HPKE) as per RFC9180.

This supports all the modes, suites and export mechanisms defined
in RFC9180 and should be relatively easily extensible if/

Implements Hybrid Public Key Encryption (HPKE) as per RFC9180.

This supports all the modes, suites and export mechanisms defined
in RFC9180 and should be relatively easily extensible if/as new
suites are added. The APIs are based on the pseudo-code from the
RFC, e.g. OSS_HPKE_encap() roughly maps to SetupBaseS(). External
APIs are defined in include/openssl/hpke.h and documented in
doc/man3/OSSL_HPKE_CTX_new.pod. Tests (test/hpke_test.c) include
verifying a number of the test vectors from the RFC as well as
round-tripping for all the modes and suites. We have demonstrated
interoperability with other HPKE implementations via a fork [1]
that implements TLS Encrypted ClientHello (ECH) which uses HPKE.

@slontis provided huge help in getting this done and this makes
extensive use of the KEM handling code from his PR#19068.

[1] https://github.com/sftcd/openssl/tree/ECH-draft-13c

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17172)

show more ...